Targeting the Enterprise Means Ignoring the World

Position paper for W3C Workshop on Web of Services for Enterprise
Computing

Can the Web fulfill industry and business requirements?

(Mr. Lacey is an employee of the Burton Group.
This position paper reflects Mr. Lacey's individual position, and is
not the position of his employer.)

Overview

The stated mission of the World Wide Web Consortium is To lead the World
Wide Web to its full potential by developing protocols and guidelines that
ensure long-term growth for the Web. The purpose of this workshop is
to answer the question "can the Web fulfill industry and business
requirements." My position is that the goal of this workshop is at odds
with the mission of the W3C. The W3C should be focusing on technologies
that are universally applicable. Any benefit that the enterprise may
derive from the efforts of the W3C is purely ancillary.

It is well within the W3C's scope to address the need for a "web of services"
as such services can be both created and consumed outside of enterprise
boundaries. When originally envisioned SOAP web services were expected
to address this need, and as such were worthy of the W3C's attention.
However, very early on it was apparent to many that SOAP web services were
not "of the Web," but instead were simply that latest incarnation of
enterprise middleware, and thus only applicable within the enterprise.
In the ensuing years the trivial number of SOAP web services that have
been exposed to business partners and general consumers, has proven out this
position. In fact, the use of web services within the enterprise is
also extremely modest, but that is besides the point.

In contrast, there has been a Web-based technology at hand at long as the Web
itself has been. It is a technology that achieves true Web scalability.
A technology that allows a service to provide both information and
(importantly for a web) hyperlinks to related information. A technology
that is equally applicable within and without the enterprise.. I am, of
course, referring to the Web itself, and in particular to a description of
Web-based distributed computing known as REST.

REST is subtle, that fact that HTTP can be used to create a web of services
is not immediately obvious to many. Over the years, though, as the
failure of SOAP web services becomes more and more apparent, and awareness
and use of REST and REST-like services has increased, interest in REST has
grown. Even so, the use of the one technology that can provide for a
web of services is not what it could be. Furthermore, much
misinformation surrounds this technology. The principal reasons for
this state of affairs are:

The implied blessing of SOAP, WSDL, and other web service standards, by
the W3C, thus leading people to believe that SOAP is the one true
way to achieve a world wide web of services.

Concordant with this, the lack of education, standardization efforts,
or general evangelism by the W3C to further promote the proper use of
REST.

The problem

Awareness of REST among developers is limited. Because enterprise
developers are not well versed in (or possibly even aware of) REST
principles, they continue to struggle with SOAP as the technology of choice
for exposing services on the network. Consequently, few web services
are made available to the world at large, and even fewer REST-styled
services. It is also true, but outside the scope of the W3C, that a
terrific number of dollars and man hours is being poured down the SOAP web
services drain.

Documented REST design patterns and best practices are extremely limited and
not consolidated. Similarly, example code is also scarce. Also,
much of what is in place today for enabling and securing the human-centric
web makes truly RESTful systems difficult to produce. For example,
security infrastructure that allows only HTTP GETs and POSTs, support in
HTML forms for only GETs and POSTs, HTTP libraries and servers that are
built around session-enabled applications rather than stateless resources.

Use Cases

REST is currently suitable for addressing a broad swath of use cases in
the realm of distributed computing. It is not suited to addressing all
possible use cases, nor should it be. REST need only address the use
case inherent in the Web: machine to machine communication that accounts for
things such as network latency, evolvability, simplicity, heterogeneity, and
hypermedia. The use case of addressing needs particular to the
enterprise are not in scope. Nothing in the W3C's efforts for fostering
a web of services should be limited to the typical integration challenges of
the enterprise or reimplementing enterprise middleware. Should W3C
efforts also prove useful for addressing some subset of these issues, so much
the better.

Recommendation(s) for W3C

It is recommended that the W3C embark on effort to promote and foster
REST-styled distributed systems. Such efforts should include evangelism
and education. The W3C should compile best practices and create other
documentation that enables developers to educate themselves and encourages
consistency of design. The W3C should ascertain what gaps currently
exist in the standard REST technology stack that can be addressed with
additional standardization. The W3C should encourage the development of
libraries, tools, and practices that foster the development of a web of
services. Finally, the W3C should divorce itself from all efforts that
further the technological needs of the enterprise at the expense of the
world.